Data privacy and security is at the core of Zscaler’s business and something we take very seriously
Zscaler ensures that millions of employees at thousands of enterprise and government organizations worldwide are protected against cyberattacks and data breaches. Each organization faces unique regulatory challenges based upon industry, geography, and other factors, and the Zscaler platform is designed to simplify compliance and reporting, globally. Each day, over 200 of the Forbes Global 2000 organizations in more than 185 countries rely on Zscaler.Read about our Cloud Platform
The Zscaler Cloud
It all starts with our architecture. Zscaler built from scratch an infinitely scalable, cost-effective, and ultra-fast cloud security architecture that integrates three key components for control, enforcement, and logging: the Central Authority (CA), Zscaler Enforcement Nodes (ZENs), and Nanolog Servers.
The Control Plane: Central Authority
The Zscaler Central Authority monitors our entire security cloud and provides a central location for software and database updates, policy and configuration settings, and threat intelligence. The collection of Zscaler Central Authority instances together form the brain of the cloud, and they are geographically distributed for redundancy and performance.
The Data Plane: Zscaler
Traffic is directed to the Zscaler Enforcement Node (ZEN) nearest the user, where security, management, and compliance policies are enforced consistently, no matter where the user connects. Each ZEN utilizes a full proxy architecture and is built to ensure that data is not written, but scanned in RAM only and then erased. Logs are continuously created in memory and forwarded to our logging module.
The Logging Plane: Nanolog Technology
Built into ZENs, Nanolog technology performs lossless compression of logs, which are transmitted to Nanolog servers over secure connections and multicast for redundancy. Zscaler customers can mine billions of transaction logs to generate reports that provide insight into network utilization and traffic. We continuously update our dashboards and reporting and can stream logs to a third-party Security Information and Event Management (SIEM) service as they arrive. Customers can choose to have logs written to disk in a physical location that complies with regional regulations.
Security and Data Privacy
Privacy protection at the Web Transaction level
- ZENs never store any web transaction content or personally identifiable information (PII)
- Web transaction content is never written to disk; all content inspection takes place in memory
- Customer transaction logs (Customer Logs) are transferred to Zscaler’s Nanolog Clusters in an encrypted format
- Customers logs are only available via the Zscaler web user interface by authorized administrators with appropriate privileges
Privacy protection at the Facilities level
- Security standards on par with world-class financial and data centers for hub facilities (Either ISO27001, SAS 70, or similar local certification)
- Authorized personnel must pass through multiple levels of security and biometric scanning to gain access
- All data centers are hosted in secure telecommunications centers at major internet exchange points globally
- 24x7x365 security management and site access via security operations center
Privacy protection at the Network level
- Customer logs are never stored in clear text
- Customer logs are transmitted as indexed, compressed and differential logs
- A single log is meaningless without a complete string of historic logs
- All communication between ZENs and Nanolog are encrypted using TLS
Zscaler is ISO27001-certified and provides
SLAs on latency and virus capture too.
The General Data Protection Regulation (GDPR)
Zscaler and the GDPR
Zscaler is committed to our customers’ success, including compliance with applicable privacy laws. Like with other existing privacy laws, including the current data protection directive, compliance with GDPR will require a partnership between Zscaler and our customers in their use of our services and products.Learn more
Australian and New Zealand Data Privacy
As with GDPR, compliance with data privacy laws in Australia and New Zealand will require a partnership between Zscaler and our customers in their use of our services and products. Zscaler remains committed to protecting personal data in compliance with the highest standards of privacy and security.Learn more
Zscaler EU-U.S. and Swiss-U.S. Privacy Shield Certifications
As an early adopter of the Privacy Shield, Zscaler furthers its commitment to protecting the privacy and security of our customers' data. Zscaler customers can be assured that personal data transferred from the EU and Switzerland to the United States will be protected by the safeguards set by the Privacy Shield.Learn more